Skip to main content
U.S. flag
An official website of the United States government
Dot gov
The .gov means it’s official. 
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.
Https
The site is secure. 
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.
Financial Institution Letter

Risk Management of Remote Deposit Capture

January 14, 2009
Notes
 
Summary: The Federal Financial Institutions Examination Council has issued the attached guidance, "Risk Management of Remote Deposit Capture," to assist financial institutions in identifying risks in their remote deposit capture (RDC) systems and evaluating the adequacy of controls and applicable risk management practices. The guidance addresses the necessary elements of an RDC risk management process - risk identification, assessment, and mitigation - and the measurement and monitoring of residual risk exposure. The guidance also discusses the responsibilities of the board of directors and senior management in overseeing the development, implementation, and ongoing operation of RDC.

Highlights:
  • Remote deposit capture, a deposit transaction delivery system, allows financial institution customers to deposit items electronically from remote locations. The primary RDC delivery method is the Internet.
  • A financial institution offering RDC should have in place sound risk management and mitigation systems and require adequate risk management at customer locations including, but not limited to, controls over retained nonpublic personal information.
  • Financial institutions whose RDC systems use the Internet as a communication channel should use effective methods to authenticate the identity of customers using those services. Single-factor authentication methods may not provide sufficient protection for Internet-based financial services.
  • Customer awareness of RDC systems and education about associated RDC risks are effective deterrents to the online theft of assets and sensitive information.

Distribution:
FDIC-Supervised Banks (Commercial and Savings)

Suggested Routing:
Chief Executive Officer
Chief Information Officer
Chief Treasury Officer
Chief Compliance Officer
Chief Audit Officer

  • FFIEC Information Technology Handbook Booklets:
    • E-Banking
    • Information Security
    • Management
    • Operations; and
    • Retail Payment Systems
  • FIL-116-2004, "Check Clearing for the 21st Century Act, Final Amendments to the Federal Reserve Board's Regulation CC," issued October 27, 2004


Note:
To receive FILs electronically, please visit http://www.fdic.gov/about/subscriptions/fil.html .

FDIC financial institution letters (FILs) may be accessed from the FDIC's Web site at www.fdic.gov/news/financial-institution-letters/2009/index.html .

Paper copies of FDIC financial institution letters may be obtained through the FDIC's Public Information Center, 3501 Fairfax Drive, E-1002, Arlington, VA 22226 (1-877-275-3342 or 703-562-2200).

FIL-4-2009
Attachment(s)
FFIEC Guidance: Risk Management of Remote Deposit Capture

Last Updated: January 14, 2009